search

OWASP / CheatSheetSeries

The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
https://cheatsheetseries.owasp.org
Creative Commons Attribution Share Alike 4.0 International
27.74k stars 3.89k forks source link

Update: Threat Modeling Cheat Sheet for pytm #1128

Closed jgadsden closed 1 year ago

jgadsden commented 1 year ago

What is missing or needs to be updated?

The OWASP project pytm provides a threat modeling tool which can generate Data Flow Diagrams, Sequence Diagrams and threats to a system. We should include pytm in the Threat Modeling Cheat Sheet

How should this be resolved?

The Threat Modeling cheat sheet could be updated with some wording above the description of Threat Dragon: "OWASP PYTM The OWASP pytm project is a Pythonic framework for threat modeling. It allows a system to be defined in Python using the elements and properties described in the pytm framework. Data Flow Diagrams (DFD) Sequence Diagrams and threats to the system can then be generated."

jgadsden commented 1 year ago

@izar I made an initial suggestion for the wording, but I am sure you can improve on it

szh commented 1 year ago

I think this is a great idea. It'd be great if you could submit a PR for this.

izar commented 1 year ago

Thanks @jgadsden for the idea - i'm in flight now but will make a PR as soon as I land!

jgadsden commented 1 year ago

thanks @izar - leave this with you

izar commented 1 year ago

PR submitted. Thanks @jgadsden for the ping!

szh commented 1 year ago

Fixed in #1134